Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1911

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-1911
Last Modified 29 Oct 2012 11:10:25
Published 22 Apr 2008 12:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1911

Summary

SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie.

Vulnerable Systems

Application

  • 1024 Cms 1.4.2


References

BID - 28754

MILW0RM - 5434

SECUNIA - 29810

XF - 1024cms-system-sql-injection(41785)


Last Updated: 27 May 2016 10:47:14